Lync Server 2013 中自动客户端登录的 DNS 要求DNS requirements for automatic client sign-in in Lync Server 2013

 

上次修改的主题: 2012-06-19Topic Last Modified: 2012-06-19

本节介绍客户端自动登录所需的域名系统 (DNS) 记录。This section explains the Domain Name System (DNS) records that are required for automatic client sign-in. 部署 Standard Edition Server 或前端池时,可以将客户端配置为使用自动发现登录相应的 Standard Edition Server 或前端池。When you deploy your Standard Edition servers or Front End pools, you can configure your clients to use automatic discovery to sign in to the appropriate Standard Edition server or Front End pool. 如果计划要求客户端手动连接到 Lync Server 2013,则可以跳过此主题。If you plan to require your clients to connect manually to Lync Server 2013, you can skip this topic.

要支持自动客户端登录,必须执行以下操作:To support automatic client sign-in, you must:

  • 指定单个服务器或池,以分发客户端登录请求并进行身份验证。它可以是组织中承载用户的现有服务器或池,您也可以指定一个未承载任何用户的专用服务器或池。为了获得高可用性,建议您为此功能指定前端池。Designate a single server or pool to distribute and authenticate client sign-in requests. This can be an existing server or pool in your organization that hosts users, or you can designate a dedicated server or pool for this purpose that hosts no users. For high availability, we recommend that you designate a Front End pool for this function.

  • 创建内部 DNS SRV 记录以支持此服务器或池的自动客户端登录。Create an internal DNS SRV record to support automatic client sign-in for this server or pool.

    备注

    在下列记录要求中,SIP 域是指分配给用户的 SIP URI 的主机部分。例如,如果 SIP URI 的形式为 *@contoso.com,则 contoso.com 即为 SIP 域。SIP 域通常不同于内部 Active Directory 域。一个组织也可以支持多个 SIP 域。In the following record requirements, SIP domain refers to the host portion of the SIP URIs assigned to users. For example, if SIP URIs are of the form *@contoso.com, contoso.com is the SIP domain. The SIP domain is often different from the internal Active Directory domain. An organization can also support multiple SIP domains.

若要为你的客户端启用自动配置,必须创建内部 DNS SRV 记录,将以下记录之一映射到前端池或 Standard Edition 服务器的完全限定的域名 (FQDN) ,以便从 Lync 客户端分发登录请求:To enable automatic configuration for your clients, you must create an internal DNS SRV record that maps one of the following records to the fully qualified domain name (FQDN) of the Front End pool or Standard Edition server that distributes sign-in requests from Lync clients:

  • _sipinternaltls。 _rdp-tcp.<domain>_sipinternaltls._tcp.<domain> -用于内部 TLS 连接- for internal TLS connections

您只需要为将分发登录请求的前端池或 Standard Edition Server 创建单个 SRV 记录。You only need to create a single SRV record for the Front End pool or Standard Edition server or that will distribute sign-in requests.

下表显示虚构的公司 Contoso 所需的某些记录示例,该公司支持 contoso.com 和 retail.contoso.com 这两个 SIP 域。The following table shows some example records required for the fictitious company Contoso, which supports SIP domains of contoso.com and retail.contoso.com.

多 SIP 域客户端自动登录所需的 DNS 记录的示例Example of DNS Records Required for Automatic Client Sign-in with Multiple SIP Domains

用于分发登录请求的前端池的 FQDNFQDN of Front End pool used to distribute sign-in requests SIP 域SIP domain DNS SRV 记录DNS SRV record

pool01.contoso.compool01.contoso.com

contoso.comcontoso.com

_sipinternaltls._tcp.contoso.com 域的 SRV 记录,通过端口 5061 映射到 pool01.contoso.comAn SRV record for _sipinternaltls._tcp.contoso.com domain over port 5061 that maps to pool01.contoso.com

pool01.contoso.compool01.contoso.com

retail.contoso.comretail.contoso.com

_sipinternaltls._tcp.retail.contoso.com 域的 SRV 记录,通过端口 5061 映射到 pool01.contoso.comAn SRV record for _sipinternaltls._tcp.retail.contoso.com domain over port 5061 that maps to pool01.contoso.com

备注

默认情况下,DNS 记录的查询遵守用户名与 SRV 记录中的域之间的严格域名匹配。By default, queries for DNS records adhere to strict domain name matching between the domain in the user name and the SRV record. 如果更希望客户端 DNS 查询改用后缀匹配,可以配置 DisableStrictDNSNaming 组策略。If you prefer that client DNS queries use suffix matching instead, you can configure the DisableStrictDNSNaming Group Policy. 有关详细信息,请参阅规划文档中的在 Lync Server 2013 中规划客户端和设备For details, see Planning for clients and devices in Lync Server 2013 in the Planning documentation.

客户端自动登录所需证书和 DNS 记录的示例Example of the Certificates and DNS Records Required for Automatic Client Sign-In

本示例使用上表中相同的示例名称。Contoso 组织支持 contoso.com 和 retail.contoso.com 这两个 SIP 域,该组织的所有用户都具有下列某种形式的 SIP URI:This example uses the same example names in the preceding table. The Contoso organization supports the SIP domains of contoso.com and retail.contoso.com, and all of its users have a SIP URI in one of the following forms:

  • <user>@retail contoso.com<user>@retail.contoso.com

  • <user>@contoso .com<user>@contoso.com